Re: [TLS] Confirming consensus: TLS1.3->TLS*
Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 19 November 2016 03:01 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 182261295C7 for <tls@ietfa.amsl.com>; Fri, 18 Nov 2016 19:01:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.697
X-Spam-Level:
X-Spam-Status: No, score=-5.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cWToAh5fTWDP for <tls@ietfa.amsl.com>; Fri, 18 Nov 2016 19:01:43 -0800 (PST)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE9C91295AC for <tls@ietf.org>; Fri, 18 Nov 2016 19:01:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1479524502; x=1511060502; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=edqoSs7uMuFvgjYraM3xpur5ef6OS9AE3lzZBQCP6F0=; b=j0ybJP+H+7YOhzp8gF1n3Y9TAZBnB7IYMllAdnP4M/MA6ElBTzV5vFPp AuIvWMfUzc3kB+oE8VtOPbxilxERbXYNjIdhET1UlHbiXw5dHT6xtkc3Z Boh7DXr66REXyZDyELCsNYIxDlL+5ro+OmZgb6Nub622/ac543X1SKuZP R0GHaJe0idcVTJJNQahNn+VJrjG8q8NUSR9UtPpFnC1LqndmDliPPtZBp uQOdx0315kV7gJ8nYaEVEg9/TXp5nJLmGau6W/Ov4ANeZJizPrzrpgNEp v90fZ1t+K1Yk4OVt96ZK1BwFxGI9eKhMUBcNt6qRoUi10/wwwzYy/gvH7 A==;
X-IronPort-AV: E=Sophos;i="5.31,513,1473076800"; d="scan'208";a="115890428"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.2.2 - Outgoing - Outgoing
Received: from uxcn13-ogg-a.uoa.auckland.ac.nz ([10.6.2.2]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 19 Nov 2016 16:01:41 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-ogg-a.UoA.auckland.ac.nz (10.6.2.2) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sat, 19 Nov 2016 16:01:39 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) with mapi id 15.00.1178.000; Sat, 19 Nov 2016 16:01:39 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Vlad Krasnov <vlad@cloudflare.com>, "D. J. Bernstein" <djb@cr.yp.to>
Thread-Topic: [TLS] Confirming consensus: TLS1.3->TLS*
Thread-Index: AQHSQUFcD667DaatoU6RNleDGo1T66DeMNiAgAAWzYCAAVf3+w==
Date: Sat, 19 Nov 2016 03:01:38 +0000
Message-ID: <1479524488503.69936@cs.auckland.ac.nz>
References: <20161118180737.16475.qmail@cr.yp.to>, <555F1FCF-CB73-48D4-AC7C-A255EF3ACE2C@cloudflare.com>
In-Reply-To: <555F1FCF-CB73-48D4-AC7C-A255EF3ACE2C@cloudflare.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nv7EEFRiAsZwXsn5-d8p7Rc65B4>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Confirming consensus: TLS1.3->TLS*
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Nov 2016 03:01:44 -0000
Vlad Krasnov <vlad@cloudflare.com> writes: >Second: I don’t think that the changes between TLS 1.3 and TLS 1.2 are >considered a major: just look at the difference between HTTP/2 and HTTP/1 - >those are completely different protocols. So are TLS 1.x and "1.3". It'd be interesting to hear from other implementers on this, but my secure-tunnel code consists of a high-level framework that handles things at an abstract level, client hello, server hello, keyex, keyex- auth, finished, and subsequent stuff, and that's the same for both TLS and SSH (I use TLS names for consistency, but SSH does the same things under its own names). The bit-bagging for the two is obviously quite different, but the high-level handling is taken from the same code. For "1.3" I looked at what it'd take to bolt it onto the side of the other 1.x code and it'd end up as this weird hermaphrodite mixture with huge amounts of effort devoted to trying to track whether it's meant to be acting as 1.x or "1.3", with the accompanying opportunity for problems if I miss something and drop from 1.x to "1.3" or the other way round. The easiest way to implement it is as a new protocol, trying to pretend that 1.x and "1.3" are the same thing just leads to an implementation nightmare when you have to keep the two distinct. So at least from this implementation's point of view, they're different protocols. Peter.
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Joseph Birr-Pixton
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Yoav Nir
- [TLS] Confirming consensus: TLS1.3->TLS* Sean Turner
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Erik Nygren
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Nick Harper
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Tony Arcieri
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Benjamin
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Dave Garrett
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Martin Thomson
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ilari Liusvaara
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eric Mill
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ilari Liusvaara
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Michael Ströder
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Will Serumgard
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Adam Langley
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Henrick Hellström
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ira McDonald
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Christian Huitema
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Dave Kern
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Martin Rex
- Re: [TLS] Confirming consensus: TLS1.3->TLS* D. J. Bernstein
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Vlad Krasnov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Deb Cooley
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Vlad Krasnov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eftychios Theodorakis
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Vlad Krasnov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Julien ÉLIE
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Martin Thomson
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eric Mill
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Nick Sullivan
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Adrian
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Kazuho Oku
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Woodhouse
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Melinda Shore
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ilari Liusvaara
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Victor Vasiliev
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Anders Rundgren
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Jeffrey Walton
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Watson Ladd
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ira McDonald
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Judson Wilson
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Vlad Krasnov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Steven Valdez
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Filippo Valsorda
- Re: [TLS] Confirming consensus: TLS1.3->TLS* D. J. Bernstein
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eric Rescorla
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eric Mill
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Bill Frantz
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Xiaoyin Liu
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Mark Nottingham
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Andrey Jivsov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Andrei Popov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Dmitry Belyavsky
- Re: [TLS] Confirming consensus: TLS1.3->TLS* darin.pettis
- Re: [TLS] Confirming consensus: TLS1.3->TLS* =JeffH
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Yoav Nir
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Eric Rescorla
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Short, Todd
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Sean Leonard
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Richard Barnes
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Woodhouse
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hugo Krawczyk
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Scott Schmit
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Daniel Migault
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Dave Garrett
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Anders Rundgren
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Dan Brown
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Timothy Jackson
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Raja ashok
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Nick Sullivan
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Tony Arcieri
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Watson Ladd
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Benjamin
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Bill Frantz
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Stephen Farrell
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Yoav Nir
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Matt Caswell
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ted Lemon
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ackermann, Michael
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Thomas Pornin
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ted Lemon
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Maarten Bodewes
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Daniel Kahn Gillmor
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Rob Stradling
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Hubert Kario
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Andrei Popov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* David Benjamin
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Yoav Nir
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Andrei Popov
- Re: [TLS] Confirming consensus: TLS1.3->TLS* darin.pettis
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ackermann, Michael
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Salz, Rich
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Aaron Zauner
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Michael D'Errico
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Patrick McManus
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Ted Lemon
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Tony Arcieri
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Tony Arcieri
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Viktor Dukhovni
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Scott Schmit
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Scott Schmit
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Tony Arcieri
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Karthik Bhargavan
- [TLS] closing thread -> Re: Confirming consensus:… Sean Turner
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Peter Gutmann
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Mohan Sekar
- Re: [TLS] Confirming consensus: TLS1.3->TLS* Joseph Salowey